Scumware: Parasite plug-ins
There has been a tremendous amount of noise in the industry relating to Scumware and Parasite ware and to demonstrate our commitment to you, we decided to investigate this and have the following to share with you…
Our investigation revealed the following facts:
Within the broad range of scumware applications out there, hundreds of smaller parasite plug-ins have been developed to specifically identify advertising space (including pop-ups) on websites and then dynamically re-write the url string to replace the originating url information with the parasite owner's details. Essentially, your traffic is hi-jacked instantly and the end user is completely unaware of the fact that he's being escorted to the site by a thief. The user still arrives at the website he thought he would when he clicked on the "banner" and the transaction continues unhindered.
Unfortunately, the rate of infection is unknown and new parasites are developed all the time. It's not too difficult for an unsuspecting or inexperienced user to infect themselves and, fortunately or unfortunately, the successful installation of the parasite relies entirely on the user voluntarily accepting it. Obviously, the parasites are well hidden in a new tool bar application, a file sharing program, password storage program or even system pop-ups asking the user to choose "Yes to Proceed" or "No to Cancel". Clicking yes to many of these windows immediately opens the door to the parasite.
In one scenario, the parasite can be an Internet Explorer plug-in called IE Assist, which installs a parasite file called winy.exe. This small little file allows the parasite owner to take control of any advertising on any infected pc. The frustrating part is that even though you and your site are clean as a whistle, it's your visitor's pc that counts. So, lets talk solutions.
The real, long-term answer is to be very careful in what we accept or download on the net. However, many thousands are already infected and we need to provide a solution for them to stop traffic theft as soon as possible. The only way to cut back on traffic being stolen by the parasites is to help your infected users detect and uninstall the guilty applications and plug-ins on their pc's. Remember, the likelihood is that most of your users won't be infected - but losing even 1% of your traffic to parasites is obviously too much.